Data security compliance - An application-oriented solution for small businesses

Asprion, Petra; Tschan, Tanja; Käppler, Sherdel

Data security compliance - An application-oriented solution for small businesses

Autor:innen

Asprion, Petra

Tschan, Tanja

Käppler, Sherdel

Autor:in (Körperschaft)

Publikationsdatum

2026

Typ der Arbeit

Studiengang

Sammlung

Institut für Wirtschaftsinformatik

Komplettanzeige

Typ

04B - Beitrag Konferenzschrift

Herausgeber:innen

Herausgeber:in (Körperschaft)

Betreuer:in

Übergeordnetes Werk

Society 5.0. 5th International Conference Society 5.0 2025, San Benedetto Del Tronto, Italy, June 25–27, 2025, Revised Selected Papers

Themenheft

DOI der Originalpublikation

https://doi.org/10.1007/978-3-032-15463-7_2

URI

https://irf.fhnw.ch/handle/11645/56955

Link

Zugehörige Forschungsdaten

Reihe / Serie

Communications in Computer and Information Science (CCIS)

Reihennummer

2787

Jahrgang / Band

Ausgabe / Nummer

Seiten / Dauer

13-24

Patentnummer

Verlag / Herausgebende Institution

Springer

Verlagsort / Veranstaltungsort

San Benedetto Del Tronto

Auflage

Version

Programmiersprache

Abtretungsempfänger:in

Praxispartner:in/Auftraggeber:in

Zusammenfassung

In the last decade, compliance management and data security have become increasingly critical for businesses, driven by evolving regulations. Small companies, in particular, face challenges in navigating complex regulatory landscapes and implementing effective data security compliance processes or even better sufficient management systems. To address this problem, this research developed an application-oriented solution, the “Action Plan for Data Security Compliance” (Act4DSC), a structured, evidence-based and easy-to-use tool designed to guide small businesses through the initial steps of data security compliance. Utilizing design science methodology, Act4DSC integrates the NIST Cybersecurity Framework 2.0 as its foundational structure with practitioner insights from several qualitative expert interviews. The Act4DSC offers a step-by-step approach, including regulatory alignment, stakeholder considerations, prioritization, data criticality classification, and gap analysis. Expert evaluations confirm its usability, adaptability, and structured guidance, making data security compliance more accessible for smaller businesses. Act4DSC fills a critical gap by tailoring compliance solutions for smaller businesses, bridging the divide between theoretical frameworks and practical implementations.

Schlagwörter

Fachgebiet (DDC)

005 - Computer Programmierung, Programme und Daten
658 - General Management

Projekt

Veranstaltung

5th International Conference Society 5.0 2025

Startdatum der Ausstellung

Enddatum der Ausstellung

Startdatum der Konferenz

25.06.2025

Enddatum der Konferenz

27.06.2025

Datum der letzten Prüfung

ISBN

978-3-032-15462-0
978-3-032-15463-7

ISSN

Sprache

Englisch

Während FHNW Zugehörigkeit erstellt

Ja

Zukunftsfelder FHNW

Publikationsstatus

Veröffentlicht

Begutachtung

peer-reviewed

Open Access-Status

Closed

Lizenz

Zitation

Asprion, P., Tschan, T., & Käppler, S. (2026). Data security compliance - An application-oriented solution for small businesses. In F. Corradini, K. Hinkelmann, H. Smuts, & B. Re (Eds.), Society 5.0. 5th International Conference Society 5.0 2025, San Benedetto Del Tronto, Italy, June 25–27, 2025, Revised Selected Papers (pp. 13–24). Springer. https://doi.org/10.1007/978-3-032-15463-7_2

Komplettanzeige